base64 functions with SASL in INN
Julien ÉLIE
julien at trigofacile.com
Fri Jun 19 19:56:01 UTC 2009
Hi Russ,
> I guess my point is that, in this code, if we tell SASL that it has a
> buffer of outlen*2 + 10 and it actually writes to all of that, we won't
> be able to append the CRLF, so we'll generate an invalid reply. If we
> tell it we have a buffer of size outlen*2 + 8, we'll be assured that we
> have enough space for the CRLF to be appended.
Ah, OK, I understand.
Then I see we have another bug here in imap_connection:
/* convert to base64 */
inbase64 = xmalloc(outlen*2+10);
saslresult = sasl_encode64(out, outlen,
inbase64, outlen*2+10,
(unsigned *) &inbase64len);
/* add an endline */
strlcpy(inbase64 + inbase64len, "\r\n", outlen * 2 + 10);
/* send to server */
result = WriteToWire_lmtpstr(cxn,inbase64, inbase64len+2);
strlcpy may write out of where it should...
The right thing is malloc "+10", out "+8" and copy "+10 - inbase64len".
By the way, imap_connection does not seem easy to maintain... (Well,
like innfeed!) I have never tested it...
--
Julien ÉLIE
« C'est aussi un camp romain corse, Vanitasuanitatum. »
More information about the inn-workers
mailing list